Community Area

Securing Your Mobile Devices

In this article I’ll discuss the main threats associated with using Wi-Fi connections, laptops, smartphones, and tablets, and how to combat them.

Introduction

Businesses can manage the security of company-owned PCs and laptops, but their limited to what they can do on mobile devices employees bring. They can implement solutions like Exchange ActiveSync (EAS) with mobile device management and policy controls to help, but users should also understand mobile risks and how to protect against them. So here I’ll discuss the main threats associated with using Wi-Fi connections, laptops, smartphones, and tablets, and how to combat them.

Securing Your Wi-Fi Connections

Since every mobile device these days has Wi-Fi, wireless security is crucial. When on unprotected networks like Wi-Fi hotspots, anyone within range can capture your Internet traffic from the airwaves.

For sensitive sites like banks, the SSL encryption protects your password and the data. But for other sites and services you log onto, like email and social networks, encryption might not be enabled by default or offered at all. So for any website you log onto, ensure the connection is encrypted. The URL should begin with https instead of http. If it’s not, add the s and see if the site offers encryption before logging on.

When checking your email with a client program like Outlook, ensure encryption is enabled in the POP3/IMAP and SMTP settings for your email server. However, many email providers don’t offer encrypted connections. If this is the case for yours, see if you can check your email via a web interface that supports SSL encryption.

To protect all your Internet traffic while on public networks, consider using a VPN connection to encrypt your traffic. Check with your employer if they offer VPN access or consider a third-party VPN provider, such as ArchorFree Hotspot Shield, Private WiFi, or Wi-Topia Personal VPN.

If you use Wi-Fi hotspots regularly, see if there’s a Wi-Fi provider that offers encrypted access at areas you visit.

On laptops, you also need to protect your files by disabling file sharing. Within Windows Vista and later, ensure the hotspot connection is set as a Public network, which automatically turns off sharing.

Keep in mind there are also vulnerabilities when using Wi-Fi at home and work. For your home network, ensure your using WPA/WPA2-Personal security with a strong passphrase. You may also want to disable file sharing on your work laptop so others in the home can’t access your files. When using Wi-Fi at home or work you need to ensure you never connect to other networks.

If you ever lose a mobile device that you’ve connected to your work’s Wi-Fi connection, notify IT staff to ensure they change your login password. And if it’s a small business that uses the Personal (PSK) mode of WPA/WPA2 security, they might even need to change the passphrase on all devices.

Securing Laptops

Like desktop PCs, your laptop should always be running antivirus and a firewall. And since laptops can be easily stolen, you should also consider an antitheft solution, encrypting the hard drive, and setting up a backup solution.

Some laptops come with a built-in anti-theft solution within the BIOS so it’s still locatable if the thief wipes or replaces the hard drive. But if yours doesn’t include this there are other solutions, such as Absolute Software's LoJack for Laptops, Flipcode's Hidden, or ActiveTrak's GadgetTrak.

A Windows password should always be used on your laptops and PCs, but keep in mind it only serves as a first level of protection. A Windows password can be easily bypassed by thieves, giving them access to your files. Therefore consider encrypting your hard drive. If you’re running the Ultimate or Enterprise edition of Windows 7 or Vista, you can use Microsoft’s included BitLocker feature. Otherwise, consider free and open source utilities such as DiskCryptor or TrueCrypt.

Even if you lock down your laptop so thieves can’t access your files, losing them may be just as devastating. So ensure you have a good backup system in place. Consider an automated network or cloud solution that regularly backs up new/changed files.

Securing Smartphones and Tablets

Though you might not store real sensitive documents on your smartphone or tablet, there is still likely sensitive data thieves could recover, such as email messages and email login credentials. Plus they could access websites you’ve saved the password for, home and business Wi-Fi networks you’ve connected to, and possibly accounts you’ve downloaded apps for. Plus there’s all your personal data like contacts, call logs, text messages, and photos.

To ensure your mobile devices are protected against snoopers and thieves, set a PIN or password on them. Though it can be annoying, it will be quiet worth it if they do become lost or stolen.

Since smartphones and tablets can be easily lost, forget, or stolen, you should consider installing an antitheft app. These allow you to remotely control the device from a PC or other device. Most allow you to view it’s GPS location on a map, make it siren (even if it’s set in silent mode), set a PIN or password if you haven’t already, and even wipe the phone if you think you won’t get it back.

Summary

Remember Wi-Fi security is crucial, especially when on public hotspots. Always ensure websites and services you log onto are encrypted and on laptops ensure file sharing is disabled. And at home ensure your wireless router is configured with a strong WPA/WPA2-Personal passphrase.

For your laptops you should use an antitheft solution, encrypt the hard drive, and set up a backup solution. And for your smartphone and tablet, use a PIN or password and a security or antitheft app.

Preserving server hardware (Part 3)

This article examines some of the causes of and effects from overheating for business server systems, PCs, and laptops... Read More

Building a PowerShell GUI (Part 11)

I have two goals for this article. My primary goal is to modify the code we've created so far so that it displays some basic configuration information for the selected virtual machine. My secondary goal is to show you a couple of new techniques for displaying the script’s output... Read More